Description

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.

Remediation

References

CVE-2024-24680

Related Vulnerabilities

WordPress Plugin WP-Lister Lite for Amazon Cross-Site Scripting (2.4.3)

WordPress Plugin Sina Extension for Elementor Local File Inclusion (2.2.0)

MySQL CVE-2020-14775 Vulnerability (CVE-2020-14775)

MySQL CVE-2017-3453 Vulnerability (CVE-2017-3453)

WordPress Plugin WP No External Links Spam Injection (4.2.2)

Severity

High

Classification

CVE-2024-24680 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities